2018-07-04T10:13:44.191Z,078-008-EXC001\Default Frontend 078-008-EXC001,08D5E195F518A7F4,0,192.168.100.14:25,192.168.100.13:23668,+,,
2018-07-04T10:13:44.192Z,078-008-EXC001\Default Frontend 078-008-EXC001,08D5E195F518A7F4,1,192.168.100.14:25,192.168.100.13:23668,>,220 078-008-EXC001\Default Frontend 078-008-EXC001,
2018-07-04T10:13:44.192Z,078-008-EXC001\Default Frontend 078-008-EXC001,08D5E195F518A7F4,2,192.168.100.14:25,192.168.100.13:23668,<,EHLO EXCH.TF.PLANT,
2018-07-04T10:13:44.192Z,078-008-EXC001\Default Frontend 078-008-EXC001,08D5E195F518A7F4,3,192.168.100.14:25,192.168.100.13:23668,>,250 078-008-exc001.TF.PLANT Hello [192.168.100.13] SIZE 37748736 PIPELINING DSN ENHANCEDSTATUSCODES STARTTLS X-ANONYMOUSTLS AUTH NTLM X-EXPS GSSAPI NTLM 8BITMIME BINARYMIME CHUNKING XRDST,
2018-07-04T10:13:44.193Z,078-008-EXC001\Default Frontend 078-008-EXC001,08D5E195F518A7F4,4,192.168.100.14:25,192.168.100.13:23668,<,X-ANONYMOUSTLS,
2018-07-04T10:13:44.193Z,078-008-EXC001\Default Frontend 078-008-EXC001,08D5E195F518A7F4,5,192.168.100.14:25,192.168.100.13:23668,>,220 2.0.0 SMTP server ready,
2018-07-04T10:13:44.194Z,078-008-EXC001\Default Frontend 078-008-EXC001,08D5E195F518A7F4,6,192.168.100.14:25,192.168.100.13:23668,*," CN=taurasfenix.com, O=TAURAS-FENIX CJSC, OU=IT, L=Saint Petersburg, S=Saint Petersburg, C=RU CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE 125492A5F4FBCA1EE2EE850D 207065D06B64AB376F64826986823BAFED9BA78B 2018-06-22T17:01:05.000Z 2020-06-22T17:01:05.000Z taurasfenix.com;[url=http://www.taurasfenix.com;]www.taurasfenix.com;[/url]owa.taurasfenix.com;mail.taurasfenix.com;autodiscover.taurasfenix.com",Sending certificate Subject Issuer name Serial number Thumbprint Not before Not after Subject alternate names
2018-07-04T10:13:44.204Z,078-008-EXC001\Default Frontend 078-008-EXC001,08D5E195F518A7F4,7,192.168.100.14:25,192.168.100.13:23668,*,,TLS negotiation failed with error InvalidParameter
2018-07-04T10:13:44.204Z,078-008-EXC001\Default Frontend 078-008-EXC001,08D5E195F518A7F4,8,192.168.100.14:25,192.168.100.13:23668,-,,Local
[PS] C:\Windows\system32>Get-SendConnector | fl
AddressSpaces : {SMTP:*;1}
AuthenticationCredential :
Comment :
ConnectedDomains : {}
ConnectionInactivityTimeOut : 00:10:00
DNSRoutingEnabled : True
DomainSecureEnabled : False
Enabled : True
ErrorPolicies : Default
ForceHELO : False
Fqdn : mail.taurasfenix.com
HomeMTA : Microsoft MTA
HomeMtaServerId : 078-008-EXC001
Identity : SMTP
IgnoreSTARTTLS : True
IsScopedConnector : False
IsSmtpConnector : True
LinkedReceiveConnector :
MaxMessageSize : 34.41 MB (36,085,760 bytes)
Name : SMTP
Port : 25
ProtocolLoggingLevel : Verbose
RequireOorg : False
RequireTLS : False
SmartHostAuthMechanism : None
SmartHosts : {}
SmartHostsString :
SmtpMaxMessagesPerConnection : 20
SourceIPAddress : 0.0.0.0
SourceRoutingGroup : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers : {078-008-EXC001, EXCH}
TlsAuthLevel :
TlsDomain :
UseExternalDNSServersEnabled : True
AddressSpaces : {SMTP:remote2.domain;1, SMTP:remote.domain;1}
AuthenticationCredential :
Comment :
ConnectedDomains : {}
ConnectionInactivityTimeOut : 00:10:00
DNSRoutingEnabled : False
DomainSecureEnabled : False
Enabled : True
ErrorPolicies : Default
ForceHELO : False
Fqdn : mx2.remote.domain
HomeMTA : Microsoft MTA
HomeMtaServerId : EXCH
Identity : mc
IgnoreSTARTTLS : False
IsScopedConnector : False
IsSmtpConnector : True
LinkedReceiveConnector :
MaxMessageSize : 34.41 MB (36,085,760 bytes)
Name : mc
Port : 25
ProtocolLoggingLevel : Verbose
RequireOorg : False
RequireTLS : False
SmartHostAuthMechanism : None
SmartHosts : {[46.ххх.ххх.ххх]}
SmartHostsString : [46.ххх.ххх.ххх]
SmtpMaxMessagesPerConnection : 20
SourceIPAddress : 0.0.0.0
SourceRoutingGroup : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers : {EXCH}
TlsAuthLevel :
TlsDomain :
UseExternalDNSServersEnabled : True
2018-07-05T05:48:40.599Z,08D5E23A773EB15B,SMTP,hub version 15,+,SmtpRelayWithinAdSite 61027a30-e9a9-4c2d-acb5-c1efc96d5d8b;QueueLength=2
2018-07-05T05:48:40.599Z,08D5E23A773EB15B,SMTP,hub version 15,>,078-008-exc001.TF.PLANT[192.168.100.14]
2018-07-05T05:48:40.599Z,08D5E23A773EB15B,SMTP,hub version 15,>,Established connection to 192.168.100.14
2018-07-05T05:48:40.599Z,08D5E23A773EB15B,SMTP,hub version 15,-,Messages: 0 Bytes: 0 (Retry : Cannot achieve Exchange Server authentication)
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL]
"SendTrustedIssuerList=dword:00000000"
стати, решение вообще нагуглилось применительно к 2007.Ссылку дай.
SendTrustedIssuerListhttps://support.microsoft.com/en-us/help/2464556/failed-tls-connection-between-unified-communications-peers-generates-a
Issues Resolvedhttps://blogs.technet.microsoft.com/rmilne/2017/12/19/exchange-2010-sp3-ru19-released/
There is one listed fix for RU19. This is especially important to review in an Exchange 2010 and 2016 coexistence environment. There is an issue where proxied EWS connections from Exchange 2016 to Exchange 2010 are not correctly authenticated.
Как выяснилось, у Фрая на 2010 стоял CU18. А уже в CU19:В минимальных требованиях там вообще CU13, ЕМНИПЦитироватьIssues Resolvedhttps://blogs.technet.microsoft.com/rmilne/2017/12/19/exchange-2010-sp3-ru19-released/
There is one listed fix for RU19. This is especially important to review in an Exchange 2010 and 2016 coexistence environment. There is an issue where proxied EWS connections from Exchange 2016 to Exchange 2010 are not correctly authenticated.
З.Ы. А уже и CU22 есть для 2010.